summaryrefslogtreecommitdiff
path: root/package/network/utils
Commit message (Collapse)AuthorAgeFilesLines
* treewide: fix shellscript syntax errors/typosLorenzo Santina2017-09-133-4/+3
| | | | | | | | | Fix multiple syntax errors in shelscripts (of packages only) These errors were causing many conditions to not working properly Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it> [increase PKG_RELEASE, drop command substitution from directip.sh] Signed-off-by: Mathias Kresin <dev@kresin.em>
* tcpdump: Update to 4.9.1Daniel Engberg2017-08-151-2/+2
| | | | | | | Fixes: * CVE-2017-11108: Fix bounds checking for STP. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* curl: fix CVE-2017-7407 and CVE-2017-7468Hauke Mehrtens2017-07-283-1/+430
| | | | | | | | This fixes the following security problems: * CVE-2017-7407: https://curl.haxx.se/docs/adv_20170403.html * CVE-2017-7468: https://curl.haxx.se/docs/adv_20170419.html Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* iw: enable MESH ID in scan outputMatthias Schiffer2017-03-251-4/+5
| | | | | | | | Make scan output useful for 802.11s meshes. The common print_ssid function is used, so this doesn't add any additional code. Based-on-patch-by: Jan-Tarek Butt <tarek@ring0.de> Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* iproute2: fix ip monitor can't work when NET_NS is not enabledYousong Zhou2017-03-192-1/+41
| | | | | | | | The bug appeared in v4.1.0 and was fixed since v4.8.0 Fixes FS#620 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* curl: fix CVE-2017-2629 SSL_VERIFYSTATUS ignoredHauke Mehrtens2017-03-133-5/+36
| | | | | | | This fixes the following security problem: https://curl.haxx.se/docs/adv_20170222.html Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* wireless-tools: Change download url to githubHsing-Wang Liao2017-03-011-1/+1
| | | | Signed-off-by: Hsing-Wang Liao <kuoruan@gmail.com>
* iftop: bump to latest upstreamKevin Darbyshire-Bryant2017-03-012-73/+8
| | | | | | | | | Drops a LEDE carried patch now upstream. Convert to autotools. A number of nits fixed upstream (dns & short packet handling most notable) Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* ebtables: update to last commitAnsuel Smith2017-03-013-183/+12
| | | | | | Refreshed patches Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
* iw: sync nl80211.h with mac80211 packageFelix Fietkau2017-02-241-5/+289
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* tcpdump: update to version 4.9.0Hauke Mehrtens2017-02-064-81/+81
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes the following 41 security problems: + CVE-2016-7922: buffer overflow in print-ah.c:ah_print(). + CVE-2016-7923: buffer overflow in print-arp.c:arp_print(). + CVE-2016-7924: buffer overflow in print-atm.c:oam_print(). + CVE-2016-7925: buffer overflow in print-sl.c:sl_if_print(). + CVE-2016-7926: buffer overflow in print-ether.c:ethertype_print(). + CVE-2016-7927: buffer overflow in print-802_11.c:ieee802_11_radio_print(). + CVE-2016-7928: buffer overflow in print-ipcomp.c:ipcomp_print(). + CVE-2016-7929: buffer overflow in print-juniper.c:juniper_parse_header(). + CVE-2016-7930: buffer overflow in print-llc.c:llc_print(). + CVE-2016-7931: buffer overflow in print-mpls.c:mpls_print(). + CVE-2016-7932: buffer overflow in print-pim.c:pimv2_check_checksum(). + CVE-2016-7933: buffer overflow in print-ppp.c:ppp_hdlc_if_print(). + CVE-2016-7934: buffer overflow in print-udp.c:rtcp_print(). + CVE-2016-7935: buffer overflow in print-udp.c:rtp_print(). + CVE-2016-7936: buffer overflow in print-udp.c:udp_print(). + CVE-2016-7937: buffer overflow in print-udp.c:vat_print(). + CVE-2016-7938: integer overflow in print-zeromq.c:zmtp1_print_frame(). + CVE-2016-7939: buffer overflow in print-gre.c, multiple functions. + CVE-2016-7940: buffer overflow in print-stp.c, multiple functions. + CVE-2016-7973: buffer overflow in print-atalk.c, multiple functions. + CVE-2016-7974: buffer overflow in print-ip.c, multiple functions. + CVE-2016-7975: buffer overflow in print-tcp.c:tcp_print(). + CVE-2016-7983: buffer overflow in print-bootp.c:bootp_print(). + CVE-2016-7984: buffer overflow in print-tftp.c:tftp_print(). + CVE-2016-7985: buffer overflow in print-calm-fast.c:calm_fast_print(). + CVE-2016-7986: buffer overflow in print-geonet.c, multiple functions. + CVE-2016-7992: buffer overflow in print-cip.c:cip_if_print(). + CVE-2016-7993: a bug in util-print.c:relts_print() could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM). + CVE-2016-8574: buffer overflow in print-fr.c:frf15_print(). + CVE-2016-8575: buffer overflow in print-fr.c:q933_print(). + CVE-2017-5202: buffer overflow in print-isoclns.c:clnp_print(). + CVE-2017-5203: buffer overflow in print-bootp.c:bootp_print(). + CVE-2017-5204: buffer overflow in print-ip6.c:ip6_print(). + CVE-2017-5205: buffer overflow in print-isakmp.c:ikev2_e_print(). + CVE-2017-5341: buffer overflow in print-otv.c:otv_print(). + CVE-2017-5342: a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print(). + CVE-2017-5482: buffer overflow in print-fr.c:q933_print(). + CVE-2017-5483: buffer overflow in print-snmp.c:asn1_parse(). + CVE-2017-5484: buffer overflow in print-atm.c:sig_print(). + CVE-2017-5485: buffer overflow in addrtoname.c:lookup_nsap(). + CVE-2017-5486: buffer overflow in print-isoclns.c:clnp_print(). The size of the package is only incread very little: new size: 306430 tcpdump_4.9.0-1_mips_24kc.ipk 130324 tcpdump-mini_4.9.0-1_mips_24kc.ipk old size: 302782 tcpdump_4.8.1-1_mips_24kc.ipk 129033 tcpdump-mini_4.8.1-1_mips_24kc.ipk Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* iproute2: cake: update cake supportKevin Darbyshire-Bryant2017-02-012-11/+24
| | | | | | | Updated cake's tc patch to match the official cake repository formatting. Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* iproute2: cake: add 'mpu' minimum packet length supportKevin Darbyshire-Bryant2017-02-012-4/+28
| | | | | | | Add 'mpu' minimum length packet size parameter for scheduling/bandwidth accounting. Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* curl: fix HTTPS network timeouts with OpenSSLStijn Segers2017-01-161-0/+36
| | | | | | | | | Backport an upstream change to fix HTTPS timeouts with OpenSSL. Upstream curl bug #1174. Signed-off-by: Stijn Segers <francesco.borromini@inventati.org> [Jo-Philipp Wich: reword commit message, rename patch to 001-*] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uqmi: mark as nonshared because of the usb dependenciesFelix Fietkau2017-01-131-0/+2
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* umbim: mark as nonshared because of the usb dependenciesFelix Fietkau2017-01-131-0/+2
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* comgt: mark as nonshared because of the usb dependenciesFelix Fietkau2017-01-131-0/+2
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* Revert the recent dependency and metadata scanning reworkFelix Fietkau2017-01-113-3/+3
| | | | | | | | | | | | | | | This reverts the following commits: fbe522d1204149b6c128d55e360bfc15fa8258e1 278ad007ee03c4455c3507322e34b0e3e6ec050d 863888e44f7a1fb1675a2e7a2eaabfec3561d2a2 96daf6352f6e04bc22789466cb5409b93fbec191 cfd83555fc4f0bab18a26f6812da18e64df46ff3 This seems to trigger some mconf bugs when built with all feeds packages, so I will try to find a less intrusive solution before the release. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* comgt: allow build without USB_SUPPORTFelix Fietkau2017-01-111-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* umbim: allow build without USB_SUPPORTFelix Fietkau2017-01-111-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* uqmi: allow build without USB_SUPPORTFelix Fietkau2017-01-111-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* iwinfo: drop references to madwifiStijn Tintel2017-01-101-3/+1
| | | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Acked-by: Jo-Philipp Wich <jo@mein.io>
* build: use mkhash to replace various quirky md5sum/openssl callsFelix Fietkau2017-01-051-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* curl: Remove PolarSSL and adjust default to mbedTLSRosen Penev2017-01-034-30/+14
| | | | | | | luci-ssl has already made the switch since mainline support for PolarSSL is almost over (2016). Signed-off-by: Rosen Penev <rosenp@gmail.com>
* curl: update to version 7.52.1Hauke Mehrtens2017-01-022-4/+4
| | | | | | | | | | | This fixes the folowing security problems: CVE-2016-9586: printf floating point buffer overflow CVE-2016-9952: Win CE schannel cert wildcard matches too much CVE-2016-9953: Win CE schannel cert name out of buffer read CVE-2016-9594: unititialized random Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* treewide: clean up and unify PKG_VERSION for git based downloadsFelix Fietkau2016-12-225-21/+11
| | | | | | Also use default defintions for PKG_SOURCE_SUBDIR, PKG_SOURCE Signed-off-by: Felix Fietkau <nbd@nbd.name>
* uqmi: add plmn set functionality for netifd proto handlerFlorian Eckert2016-12-221-2/+22
| | | | | | | uqmi has the possibility to allow the modem to start a regsitration process only to this specified plmn Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
* comgt-ncm: fix typo Fix typo in ncm.sh. Resolves:Cezary Jackiewicz2016-12-221-1/+1
| | | | | | Wed Dec 21 09:55:54 2016 daemon.notice netifd: wan (4455): ./ncm.sh: eval: line 1: =IP: not found Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl>
* iproute2: tc - update cake supportKevin Darbyshire-Bryant2016-12-202-11/+13
| | | | | | | | | | Update tc to track upstream cake changes: diffserv3 - a simple 3 tin classifier Also make diffserv3 and triple-isolate default Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* uqmi: Prevent 'POLICY MISMATH' error.Nickolay Ledovskikh2016-12-201-0/+1
| | | | | | | Add uqmi 'sync' command call to release stalled cid when preparing to setup new connection. As a result it prevents 'POLICY MISMATCH' errors. Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
* uqmi: bump to latest git HEADJohn Crispin2016-12-201-2/+2
| | | | | | | 8ceeab6 uqmi: Change returned value to QMI_CMD_REQUEST for 'sync' command. 1dc7be1 uqmi: Add sync command to release all cids. Signed-off-by: John Crispin <john@phrozen.org>
* uqmi: add support of using device symlinks.Nickolay Ledovskikh2016-12-201-0/+2
| | | | | | | It's useful when using multiple usb devices that should be bound to certain usb ports. Symlinks are created by hotplug handlers. Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
* comgt: add support of using device symlinks.Nickolay Ledovskikh2016-12-203-0/+5
| | | | | | | It's useful when using multiple usb devices that should be bound to certain usb ports. Symlinks are created by hotplug handlers. Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
* treewide: clean up download hashesFelix Fietkau2016-12-1623-23/+23
| | | | | | Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* comgt-ncm: Add support for specifying profile indexMatti Laakso2016-12-144-56/+51
| | | | | | | | | | | | | | | Add support for specifying a call profile index instead of APN. A specific index different from 1 must be used for some service provider and modem combinations. In addition, change the manufacturer detection to use the standard AT+CGMI command, which produces more predictable output than ATI, remove the redundant ipv6 option, since it is less ambiguous to directly specify the PDP context type with mobile connections, and fix missing device during teardown when using ncm through the wwan proto. Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
* uqmi: Add support for specifying profile indexMatti Laakso2016-12-142-82/+93
| | | | | | | | | | | | | | Update uqmi to latest version, which brings about support for specifying a call profile index instead of APN. A specific index different from 1 must be used for some service provider and modem combinations. Also change option dhcp to dhcpv6, since IPv4 now always uses DHCP, replace option ipv6 with pdptype, which is less ambiguous, and make autoconnect optional and default it to off for IPv6 due to it not working with statically configured IPv6. Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
* netfilter: drop proprietary xt_id matchJo-Philipp Wich2016-12-141-69/+0
| | | | | | | | The xt_id match was used by the firewall3 package to track its own rules but the approach has been changed to use xt_comment instead now, so we can drop this nonstandard extension. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* iproute2: support latest cake & restore DSCP washingKevin Darbyshire-Bryant2016-12-121-55/+75
| | | | | | | Support new packet overhead passing paradigm in cake qdisc, also restore DSCP wash/nowash keywords. Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* tcpdump: reduce size of -mini by removing more infrequently used protocolsFelix Fietkau2016-12-121-23/+25
| | | | | | | | | | | This removes: - BGP - CDP - SCTP MIPS binary .ipk size is reduced from ~150k to ~130k Signed-off-by: Felix Fietkau <nbd@nbd.name>
* net/utils/tcpdump: update to 4.8.1p-wassi2016-12-124-576/+700
| | | | | | Update tcpdump to upstream release 4.8.1 Signed-off-by: Paul Wassi <p.wassi@gmx.at>
* curl: update to version 7.51.0Hauke Mehrtens2016-12-033-6/+6
| | | | | | | | | | | | | | | | | This fixes the following security problems: CVE-2016-8615: cookie injection for other servers CVE-2016-8616: case insensitive password comparison CVE-2016-8617: OOB write via unchecked multiplication CVE-2016-8618: double-free in curl_maprintf CVE-2016-8619: double-free in krb5 code CVE-2016-8620: glob parser write/read out of bounds CVE-2016-8621: curl_getdate read out of bounds CVE-2016-8622: URL unescape heap overflow via integer truncation CVE-2016-8623: Use-after-free via shared cookies CVE-2016-8624: invalid URL parsing with '#' CVE-2016-8625: IDNA 2003 makes curl use wrong host Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* xtables-addons: add CONFIG_NF_CONNTRACK_MARK=y to all kmod-* packagesFelix Fietkau2016-12-011-2/+2
| | | | | | | Not all kmod packages depends on kmod-ipt-compat-xtables, but this kernel config option is required for building the whole package Signed-off-by: Felix Fietkau <nbd@nbd.name>
* iw: drop TX power patch that is part of upstream version nowRafał Miłecki2016-11-291-30/+0
| | | | | | | | | | | | | | | | Applying it again was resulting in duplicated TX info like: Interface wlan0 ifindex 6 wdev 0x1 addr 00:23:6a:a3:7d:00 ssid LEDE2 type AP wiphy 0 channel 11 (2462 MHz), width: 20 MHz, center1: 2462 MHz txpower 31.00 dBm txpower 31.00 dBm Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* ipset: Add InstallDev to provide libipset as libraryJulian Kornberger2016-11-261-1/+8
|
* arptables: bump to 2015-05-20Ralph Sennhauser2016-11-143-64/+13
| | | | | | | | | | | | | | | | | | This fixes building with musl and drops the dependency on the OpenWrt kernel-header patches: 270-uapi-kernel.h-glibc-specific-inclusion-of-sysinfo.h.patch 271-uapi-libc-compat.h-do-not-rely-on-__GLIBC__.patch 272-uapi-if_ether.h-prevent-redefinition-of-struct-ethhd.patch Use the new upstream location at netfilter.org and use a define instead of a patch to "optimize". See also: https://git.netfilter.org/arptables/log/ Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com> [Jo-Philipp Wich: add mirror SHA256 sum] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* conntrack-tools: update to v1.4.4Jo-Philipp Wich2016-11-141-6/+2
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* iw: fix build error caused by redeclaration of NL80211_ATTR_PADRafał Miłecki2016-11-121-6/+2
| | | | | Signed-off-by: Rafał Miłecki <rafal@milecki.pl> Fixes: 7aff00ab199 ("iw: update to version 4.9")
* iw: update to version 4.9Rafał Miłecki2016-11-125-88/+24
| | | | | | | This adds support for "channels" command which displays more details about channels. It includes e.g. info about available widths. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* iw: update to version 4.7Rafał Miłecki2016-11-128-634/+48
| | | | Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* iperf3: update to version 3.1.4Christian Lamparter2016-11-081-2/+2
| | | | | | | | | "This release fixes a few minor bugs, including a (non-security-impacting) buffer overflow fix ported from upstream cjson." <http://software.es.net/iperf/news.html#iperf-3-1-4-released> Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
generated by cgit v1.1 at 2024-07-28 22:58:29 +0000